CVE-2008-4956

Name of the Vulnerable Software and Affected Versions fwbuilder version 2.1.19

Description The issue allows local users to overwrite arbitrary files via a symlink attack on a temporary file, specifically targeting the /tmp/ssh-agent file through the fwb install component.

Recommendations For fwbuilder version 2.1.19, consider restricting access to the fwb install component until a patch is available, and avoid using the /tmp/ssh-agent temporary file to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.